Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D05323621E111F1831163D9DAE4EC9C.roa
File: 3D05323621E111F1831163D9DAE4EC9C.roa (raw, json)
Hash identifier: Oo3o6oYJhrKUaoGmtbNvA7gzG2L4IEwPH/8ZA+ujOhc=
Subject key identifier: 97:7C:A0:EB:A8:83:75:29:F1:C2:BE:66:85:58:4D:5C:E2:CD:62:CD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BF91
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D05323621E111F1831163D9DAE4EC9C.roa
Signing time: Tue 17 Mar 2026 09:11:10 +0000
ROA not before: Tue 17 Mar 2026 09:11:06 +0000
ROA not after: Fri 01 May 2026 09:11:06 +0000
asID: 14315
IP address blocks: 154.194.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114577 (0x1bf91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 17 09:11:06 2026 GMT
Not After : May 1 09:11:06 2026 GMT
Subject: CN=69b91aae-9f62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:88:69:75:db:33:f0:0e:96:64:b9:ac:7d:bd:
62:ee:b8:64:c1:80:82:7c:80:6b:d6:85:5b:4a:b1:
19:36:66:e0:9a:14:3d:b4:02:be:2c:8b:10:45:73:
e6:f3:5c:56:ba:0c:df:2b:f2:a0:d7:fb:b9:84:de:
76:68:ad:8d:8b:c9:2c:60:66:6b:1a:eb:a3:01:33:
9c:1d:17:15:43:dd:ef:7d:87:9f:2d:ba:86:29:d3:
46:5d:11:b6:18:0f:bf:1a:3b:57:db:9d:81:2b:70:
9b:fe:0f:23:53:32:b9:68:b5:be:5c:32:f1:e8:d4:
f0:10:b3:b2:36:29:43:18:84:b6:e0:14:d5:46:b5:
6c:b5:91:68:7f:bd:14:e6:79:e5:d7:2d:fa:de:00:
d2:f9:25:e9:a8:2f:63:4f:e1:7e:9b:35:48:b2:49:
e6:f6:bf:60:f3:da:70:c8:eb:49:e3:b8:e6:a0:5b:
fb:73:0e:b3:2c:59:d4:32:2d:f0:42:c9:bd:bb:72:
9b:f1:b1:9d:2f:d9:aa:cd:d0:de:b4:ac:a0:cf:e6:
15:61:66:f6:41:5f:fe:77:9f:11:21:41:74:0f:42:
fd:0b:db:8c:69:8e:40:49:d4:26:d4:97:07:a7:3d:
b4:4f:64:12:9c:bf:a2:ac:c5:b1:26:c5:3e:87:4d:
75:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:7C:A0:EB:A8:83:75:29:F1:C2:BE:66:85:58:4D:5C:E2:CD:62:CD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D05323621E111F1831163D9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.50.0/24
Signature Algorithm: sha256WithRSAEncryption
08:f7:fd:97:bf:f8:60:0b:92:c4:42:d1:19:12:e7:82:c6:70:
96:59:87:6f:9d:df:9f:32:6b:4c:e8:15:6e:25:86:44:a1:6a:
72:dd:dc:7e:66:a3:8a:4b:94:58:73:bc:85:04:92:84:9b:84:
ca:2d:b6:86:30:26:d7:39:38:3e:ae:98:bd:b3:69:ec:f8:63:
32:91:3a:d1:a9:6a:20:e7:74:0d:7d:44:1a:29:cd:51:b0:4d:
f9:7a:4b:3b:c6:d4:1e:26:6b:fe:80:b6:42:dc:56:08:2e:77:
ba:6d:12:3b:df:5a:9e:a7:3e:f6:0d:7b:eb:ae:f5:0a:a7:f7:
83:14:a0:d2:05:9c:f1:cf:5b:91:ee:df:b5:13:30:bf:19:15:
8d:c0:15:f8:ec:47:10:10:68:38:db:f8:0a:7b:5a:d7:96:a7:
28:8d:ad:a9:9c:a2:e5:c3:ff:dd:14:5d:dc:43:63:0c:89:ea:
33:7a:8e:59:74:a5:ec:37:85:57:17:9b:6e:f9:c5:c5:6b:d0:
2e:c2:eb:00:e9:ce:3f:41:a6:47:1e:be:37:04:63:01:99:80:
d0:a7:ca:03:33:37:42:21:db:4c:40:c2:a7:89:bc:91:0d:c1:
fa:c8:19:83:ed:ef:c6:f8:b7:29:91:a6:e7:6f:31:2b:b6:6b:
0d:8b:22:37
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb+RMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzE3MDkxMTA2WhcNMjYwNTAxMDkxMTA2WjAYMRYw
FAYDVQQDEw02OWI5MWFhZS05ZjYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtohpddsz8A6WZLmsfb1i7rhkwYCCfIBr1oVbSrEZNmbgmhQ9tAK+LIsQ
RXPm81xWugzfK/Kg1/u5hN52aK2Ni8ksYGZrGuujATOcHRcVQ93vfYefLbqGKdNG
XRG2GA+/GjtX252BK3Cb/g8jUzK5aLW+XDLx6NTwELOyNilDGIS24BTVRrVstZFo
f70U5nnl1y363gDS+SXpqC9jT+F+mzVIsknm9r9g89pwyOtJ47jmoFv7cw6zLFnU
Mi3wQsm9u3Kb8bGdL9mqzdDetKygz+YVYWb2QV/+d58RIUF0D0L9C9uMaY5ASdQm
1JcHpz20T2QSnL+irMWxJsU+h011SQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJd8
oOuog3Up8cK+ZoVYTVzizWLNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRDA1MzIzNjIxRTExMUYxODMxMTYzRDlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsIyMA0GCSqGSIb3DQEB
CwUAA4IBAQAI9/2Xv/hgC5LEQtEZEueCxnCWWYdvnd+fMmtM6BVuJYZEoWpy3dx+
ZqOKS5RYc7yFBJKEm4TKLbaGMCbXOTg+rpi9s2ns+GMykTrRqWog53QNfUQaKc1R
sE35eks7xtQeJmv+gLZC3FYILne6bRI731qepz72DXvrrvUKp/eDFKDSBZzxz1uR
7t+1EzC/GRWNwBX47EcQEGg42/gKe1rXlqcoja2pnKLlw//dFF3cQ2MMieozeo5Z
dKXsN4VXF5tu+cXFa9AuwusA6c4/QaZHHr43BGMBmYDQp8oDMzdCIdtMQMKnibyR
DcH6yBmD7e/G+LcpkabnbzErtmsNiyI3
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:14:23 2026 by rpki-client